I've setup nss-ldapd 0.7.12 in ubuntu server 64b with Windows 2008r2 + AD.I took a good care to disable nscd as I know it is sometimes the source of problems.Both windows and Ubuntu run on the same server using vmware, so no physical network issues on that side.

Most of the time, all is fine. I get my users, I get my groups, I can authenticate users and I'm happy.But, for some reasons, nslcd seems at some points "confused" and loose all the connections and can get it back or after and extended period of time...

I'll try to be as concise as possible :

1 - the ldap idle issue:In the conf file, I have set the following parameters:bind_timelimit 15timelimit 30idle_timelimit 5reconnect_sleeptime 5
reconnect_retrytime 5

The idle time is set to 5 seconds. I've noticed if I start the service and perform one query, a connection is created (ok). I wait 10 second and perform another query. A second tcp connection is open and the first one is still as ESTABLISHED. I can do the same and get a total of 5 active tcp connection with none being closed after 5 seconds.
In the code, there's a message like this "myldap_session_check(): idle_timelimit reached" but I can't get it displayd with -d option.

2 - the reconnection issue.Not sure why, but if the server is a bit "busy" it seems to be ok. Though, if my linux server is mostly idling, it starts to become a problem. I got messages like this one :

And then, for some reasons (maybe when AD closes the TCP connection ?) nslcd seemd to be back online and starts to send queries again. Otherwise, I have to stop the daemon myself and then restart it to have resolution working again.

As mentioned above, both server are on the same computer, so I hardly seem a network problem at this level... And AD doesn't seem to reject any connection using the event viewer...

I don't know if anyone already had such problem in the past, but any help would be great. I can provide as many logs as you want if you need some and even do some beta testings.

This archive was generated using
mhonarc
on Sun Mar 01 04:05:05 2015.
If you have any questions about these pages, please contact
listmaster [at]
arthurdejong.org.
Please see the mailing list policy and disclaimer.